1 /*
2  * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef USER_AUTH_SERVICE_H
17 #define USER_AUTH_SERVICE_H
18 
19 #include "user_auth_stub.h"
20 
21 #include <string>
22 #include <system_ability.h>
23 #include <system_ability_definition.h>
24 
25 #include "context_callback.h"
26 #include "context_factory.h"
27 #include "context_pool.h"
28 #include "resource_node_pool.h"
29 #include "user_idm_database.h"
30 #include "attributes.h"
31 
32 namespace OHOS {
33 namespace UserIam {
34 namespace UserAuth {
// Service-side class for user authentication requests. It derives from SystemAbility, UserAuthStub and
// NoCopyable. Every public and protected member function below is marked `override`, so that surface is
// fixed by base classes declared outside this header; only declarations live here, the definitions are elsewhere.
// NOTE(review): UserAuthStub is presumably the IPC stub, which would make the public methods reachable from
// other processes — confirm, and treat every argument (userId, challenge, networkId, eventData, callback)
// as caller-controlled when reading the implementation.
class UserAuthService : public SystemAbility, public UserAuthStub, public NoCopyable {
public:
    DECLARE_SYSTEM_ABILITY(UserAuthService);
    // Returns the shared service object. A static instance_ and a static mutex_ are declared at the end of
    // the class; presumably the instance is created once under mutex_ — confirm in the .cpp.
    static std::shared_ptr<UserAuthService> GetInstance();

    UserAuthService();
    ~UserAuthService() override = default;
    // Two overloads: the first takes an explicit userId, the second does not.
    // NOTE(review): the userId overload lets the caller name the account being queried. Where the caller's
    // right to do that is checked is not visible in this header — verify it in the implementation.
    int32_t GetAvailableStatus(int32_t apiVersion, int32_t userId, AuthType authType,
        AuthTrustLevel authTrustLevel) override;
    int32_t GetAvailableStatus(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel) override;
    // Property accessors. They return void and take a callback object, so results are presumably delivered
    // through the callback — confirm.
    // NOTE(review): callbacks arrive as sptr<> references and userId / credentialId are caller-supplied;
    // check that the implementation rejects a null callback and authorizes the caller before any lookup.
    void GetProperty(int32_t userId, AuthType authType,
        const std::vector<Attributes::AttributeKey> &keys,
        sptr<GetExecutorPropertyCallbackInterface> &callback) override;
    void GetPropertyById(uint64_t credentialId, const std::vector<Attributes::AttributeKey> &keys,
        sptr<GetExecutorPropertyCallbackInterface> &callback) override;
    void SetProperty(int32_t userId, AuthType authType, const Attributes &attributes,
        sptr<SetExecutorPropertyCallbackInterface> &callback) override;
    // Authentication / identification entry points. Each returns a uint64_t, and CancelAuthOrIdentify takes
    // a uint64_t contextId, so the returned value is presumably the id of the started context — confirm.
    // NOTE(review): the value used to signal "failed to start" is not defined in this header.
    uint64_t AuthUser(AuthParamInner &param, std::optional<RemoteAuthParam> &remoteAuthParam,
        sptr<UserAuthCallbackInterface> &callback) override;
    uint64_t Auth(int32_t apiVersion, const std::vector<uint8_t> &challenge, AuthType authType,
        AuthTrustLevel authTrustLevel, sptr<UserAuthCallbackInterface> &callback) override;
    uint64_t AuthWidget(int32_t apiVersion, const AuthParamInner &authParam,
        const WidgetParam &widgetParam, sptr<UserAuthCallbackInterface> &callback) override;
    uint64_t Identify(const std::vector<uint8_t> &challenge, AuthType authType,
        sptr<UserAuthCallbackInterface> &callback) override;
    // NOTE(review): contextId is a bare integer supplied by the caller. Confirm the implementation checks
    // that the context belongs to the caller before cancelling it.
    int32_t CancelAuthOrIdentify(uint64_t contextId) override;
    // Writes the result through the `version` out-parameter; the int32_t return is a separate status value.
    int32_t GetVersion(int32_t &version) override;
    // eventData is a free-form string.
    // NOTE(review): its format and validation are not visible here; treat it as untrusted input.
    int32_t Notice(NoticeType noticeType, const std::string &eventData) override;
    int32_t RegisterWidgetCallback(int32_t version, sptr<WidgetCallbackInterface> &callback) override;
    // Writes the result through the `enrolledState` out-parameter.
    int32_t GetEnrolledState(int32_t apiVersion, AuthType authType, EnrolledState &enrolledState) override;
    // Listener registration pair. The spelling "Regist" / "UnRegist" is kept because the names are fixed by
    // the overridden base-class declarations.
    int32_t RegistUserAuthSuccessEventListener(const std::vector<AuthType> &authType,
        const sptr<AuthEventListenerInterface> &listener) override;
    int32_t UnRegistUserAuthSuccessEventListener(const sptr<AuthEventListenerInterface> &listener) override;
    // NOTE(review): judging by the name this changes service-wide configuration; confirm which callers are
    // permitted to invoke it.
    int32_t SetGlobalConfigParam(const GlobalConfigParam &param) override;
    int32_t PrepareRemoteAuth(const std::string &networkId, sptr<UserAuthCallbackInterface> &callback) override;

protected:
    // Overrides of base-class hooks; presumably the SystemAbility start/stop lifecycle — confirm.
    void OnStart() override;
    void OnStop() override;

private:
    // Two overloads that build a ContextCallback from the caller's callback: one for the challenge-based
    // Auth signature, one for the AuthWidget signature.
    std::shared_ptr<ContextCallback> GetAuthContextCallback(int32_t apiVersion,
        const std::vector<uint8_t> &challenge, AuthType authType, AuthTrustLevel authTrustLevel,
        sptr<UserAuthCallbackInterface> &callback);
    std::shared_ptr<ContextCallback> GetAuthContextCallback(int32_t apiVersion,
        const AuthParamInner &authParam, const WidgetParam &widgetParam, sptr<UserAuthCallbackInterface> &callback);
    // Validation helpers. Their pass/fail conventions are not defined in this header.
    bool CheckAuthTrustLevel(AuthTrustLevel authTrustLevel);
    // "Singe" is presumably a typo for "Single"; the name has to match the definition elsewhere.
    bool CheckSingeFaceOrFinger(const std::vector<AuthType> &authType);
    // validType is a non-const reference, i.e. an in/out parameter.
    bool CheckPrivatePinEnroll(const std::vector<AuthType> &authType, std::vector<AuthType> &validType);
    int32_t CheckAuthWidgetType(const std::vector<AuthType> &authType);
    // CheckAuthPermissionAndParam has three overloads in this class: this one and the (int32_t authType, ...)
    // one below return int32_t, while the (AuthType, AuthTrustLevel, ...) one returns bool.
    // NOTE(review): if the int32_t overloads use 0 for success, a result tested as a boolean reads inverted
    // relative to the bool overload — check each call site compares against the right value.
    int32_t CheckAuthPermissionAndParam(const AuthParamInner &authParam, const WidgetParam &widgetParam,
        bool isBackgroundApplication);
    // Context start helpers; like the public Auth* methods they return uint64_t.
    uint64_t StartWidgetContext(const std::shared_ptr<ContextCallback> &contextCallback,
        const AuthParamInner &authParam, const WidgetParam &widgetParam, std::vector<AuthType> &validType,
        ContextFactory::AuthWidgetContextPara &para);
    // `para` is taken by value here, unlike AuthRemoteUser below, which takes it by reference.
    uint64_t StartAuthContext(int32_t apiVersion, Authentication::AuthenticationPara para,
        const std::shared_ptr<ContextCallback> &contextCallback);
    // failReason is an out-parameter carrying a ResultCode in addition to the uint64_t return value.
    uint64_t AuthRemoteUser(AuthParamInner &authParam, Authentication::AuthenticationPara &para,
        RemoteAuthParam &remoteAuthParam, const std::shared_ptr<ContextCallback> &contextCallback,
        ResultCode &failReason);
    uint64_t StartRemoteAuthInvokerContext(AuthParamInner authParam,
        RemoteAuthInvokerContextParam &param, const std::shared_ptr<ContextCallback> &contextCallback);
    bool Insert2ContextPool(const std::shared_ptr<Context> &context);
    // Takes no arguments, so the caller identity must come from ambient state (presumably the calling
    // token of the current request — confirm).
    bool CheckCallerIsSystemApp();
    // This overload takes authType as a raw int32_t rather than the AuthType enum used by its siblings.
    // NOTE(review): confirm the value is range-checked before it is converted to AuthType.
    int32_t CheckAuthPermissionAndParam(int32_t authType, const int32_t &callerType, const std::string &callerName,
        AuthTrustLevel authTrustLevel);
    // bool-returning overload; extraInfo is a non-const reference (in/out).
    bool CheckAuthPermissionAndParam(AuthType authType, AuthTrustLevel authTrustLevel,
        const std::shared_ptr<ContextCallback> &contextCallback, Attributes &extraInfo);
    // Takes the vector by value (a copy per call), whereas the neighbouring helpers take const references.
    // The signature is left as is because it must match the out-of-view definition.
    bool CheckAuthTypeIsValid(std::vector<AuthType> authType);
    int32_t CheckValidSolution(int32_t userId, const AuthParamInner &authParam, const WidgetParam &widgetParam,
        std::vector<AuthType> &validType);
    // Fills para, isBackgroundApplication and contextCallback through reference parameters.
    int32_t GetCallerInfo(bool isUserIdSpecified, int32_t userId, ContextFactory::AuthWidgetContextPara &para,
        bool &isBackgroundApplication, std::shared_ptr<ContextCallback> &contextCallback);
    int32_t CheckCallerPermissionForPrivatePin(const AuthParamInner &authParam);
    // Helpers for the GetProperty path; uint32Keys and values are output parameters.
    void FillGetPropertyKeys(AuthType authType, const std::vector<Attributes::AttributeKey> &keys,
        std::vector<uint32_t> &uint32Keys);
    void FillGetPropertyValue(AuthType authType, const std::vector<Attributes::AttributeKey> &keys, Attributes &values);
    bool CompleteRemoteAuthParam(RemoteAuthParam &remoteAuthParam, const std::string &localNetworkId);
    int32_t PrepareRemoteAuthInner(const std::string &networkId);
    // "Upate" is presumably a typo for "Update"; presumably reads and refreshes osAccountVerifiedState_ — confirm.
    bool GetAndUpateOsAccountVerifiedState(int32_t userId);
    // "Resourse" is presumably a typo for "Resource"; the name has to match the definition elsewhere.
    std::shared_ptr<ResourceNode> GetResourseNode(AuthType authType);
    // Same parameter list as the public four-argument GetAvailableStatus overload.
    int32_t GetAvailableStatusInner(int32_t apiVersion, int32_t userId, AuthType authType,
        AuthTrustLevel authTrustLevel);
    void ProcessPinExpired(int32_t ret, const AuthParamInner &authParam, std::vector<AuthType> &validType,
        ContextFactory::AuthWidgetContextPara &para);
    void GetPropertyInner(AuthType authType, const std::vector<Attributes::AttributeKey> &keys,
        sptr<GetExecutorPropertyCallbackInterface> &callback, std::vector<uint64_t> &templateIds);
    // Static state behind GetInstance().
    // NOTE(review): std::mutex, std::shared_ptr, std::vector and std::optional are used in this header, but
    // <string> is the only standard-library header it includes directly; the others presumably arrive
    // through the project headers — consider including <mutex>, <memory>, <vector> and <optional> here.
    static std::mutex mutex_;
    static std::shared_ptr<UserAuthService> instance_;

    // Starts as false. It is a plain bool, and this header shows no synchronization for it.
    // NOTE(review): if requests can be served on more than one thread, reads and writes of this flag need a
    // lock or std::atomic<bool> — confirm how the implementation accesses it.
    bool osAccountVerifiedState_ = false;
};
127 } // namespace UserAuth
128 } // namespace UserIam
129 } // namespace OHOS
130 #endif // USER_AUTH_SERVICE_H